Bitcoinica, twice hacked in 2012, is being sued

Bitcoin is an unregulated virtual cash system. The value of a bitcoin can thus fluctuate wildly and widely, allowing users to speculate as well as simply use. This fluctuation has taken its traditional cash value as low as $0.29 and as high as $30 per bitcoin (its value is currently estimated at around $10). But like any cash system, its actual value at any time is entirely dependent on trust. If trust in the currency is high, its value will rise. If trust is low, its value will fall.

Trust in bitcoin has taken some serious knocks recently. As its use has increased it has drawn the attention of cyber criminals. Apart from the two direct hacks against Bitcoinica (which involved the theft of 43,554 bitcoins in March and 18,547 bitcoins in May), this month’s Microsoft Malicious Software Removal Tool (MSRT) release will include removal for the Win32/Bafruz trojan. “Win32/Bafruz,” warned Microsoft yesterday, “contains components, which achieve a number of objectives for the attacker, such as hijacking Facebook and Vkontakte accounts, launching Distributed Denial of Service attacks, performing Bitcoin mining, downloading malware, and disabling security and antivirus products.”

Now, however, Bitcoinica is under attack from its own users as well as cyber criminals. It is being sued in a US court by four users who claim to be owed more than $460,000. They are, says the Out-Law legal blog, “claiming that [Bitcoinica has] ‘knowingly and willfully conspired and agreed upon themselves to hinder, delay and deprive’ them of their right to withdraw their money from the site.”

Four days after the second hack, after which the site was taken off-line, Bitcoinica stated, “We will set up a process in the short term for users to withdraw their funds. Further details will be provided once we determine the best approach.” A month later it added, “Claims which have been internally identified as reasonably accurate based on records and for which the ownership of the claim has been determined will receive an initial payment of 50%.”

This 50% offer is clearly not enough for the four plaintiffs, who are seeking, “the return of all monies in the accounts of Plaintiffs,” damages, punitive damages, costs, and “such other and further relief as the Court may deem just and proper.”

What’s hot on Infosecurity Magazine?